CVE-2025-63811 | THREATINT

Description

An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Denial-of-Service (DoS) via crafted JSON Web Encryption (JWE) token with an exceptionally high compression ratio.

PUBLISHED Reserved 2025-10-27 | Published 2025-11-12 | Updated 2025-11-13 | Assigner mitre

References

github.com/dvsekhvalnov/jose2go/issues/33

cve.org (CVE-2025-63811)

nvd.nist.gov (CVE-2025-63811)

Download JSON